Tag
#microsoft
Microsoft's September 2024 Patch Tuesday is here. Make sure you’ve applied the necessary patches!
Microsoft Corp. today released updates to fix at least 79 security vulnerabilities in its Windows operating systems and related software, including multiple flaws that are already showing up in active attacks. Microsoft also corrected a critical bug that has caused some Windows 10 PCs to remain dangerously unpatched against actively exploited vulnerabilities for several months this year.
This month's Patch Tuesday contains a total of 79 vulnerabilities — the fourth largest of the year.
September’s monthly round of patches from Microsoft included 79 vulnerabilities, seven of which are considered critical.
A fresh wave of attacks on APAC government entities involves both self-propagating malware spreading via removable drives and a spear-phishing campaign.
A trio of threat activity clusters linked to China has been observed compromising more government organizations in Southeast Asia as part of a renewed state-sponsored operation codenamed Crimson Palace, indicating an expansion in the scope of the espionage effort. Cybersecurity firm Sophos, which has been monitoring the cyber offensive, said it comprises three intrusion sets tracked as Cluster
The threat actor tracked as Mustang Panda has refined its malware arsenal to include new tools in order to facilitate data exfiltration and the deployment of next-stage payloads, according to new findings from Trend Micro. The cybersecurity firm, which is monitoring the activity cluster under the name Earth Preta, said it observed "the propagation of PUBLOAD via a variant of the worm HIUPAN."
**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** The user would have to navigate to a page with malicious content to be compromised by the attacker.
**According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?** This attack requires an admin user on the client to connect to a malicious server and then take specific actions which could result in information disclosure.
**According to the CVSS metrics, successful exploitation of this vulnerability could lead to major loss of confidentiality (C:H), integrity (I:H) and availability (A:H). What does that mean for this vulnerability?** The attacker can execute arbitrary Desktop Flows scripts in the target user session by registering the machine to their own malicious Entra tenant, extracting the user's Sid, and creating a malicious AD domain with the same Sid. This allows them to mint valid Entra ID tokens that the attacked machine will trust to run desktop automation in the session of the user with the matching Sid.